Loading ...

Author: FarmhouseNetworking

Small Office Server Virtualization

Expand Server Storage - Clackmas County, OR

Had a client recently who had a smaller office network (they have up to 6 concurrent users) with a server to process orders from their website using a software called StoneEdge. This software is SQL-based database with a Microsoft Access front-end. It was time to upgrade their server to new hardware and cost was definitely an issue based on their size and order volume. In this case we chose to use a Synology device to act as the virtual machine host and create a new virtual server on the host. Here are some details:

Server Build Specifications

  • Synology RackStation RS1221+
  • Synology M2D20 – M.2 SSD Adapter Card
  • 2x Synology SNV3410-400G – 400GB NVMe M.2
  • 2x Synology D4ECSO-2666-16G – 16GB DDR4 2666 MHz ECC SO-DIMM Memory Module
  • 4x Seagate 4TB IronWolf Pro 7200 rpm SATA III 3.5″ Internal NAS HDD

Picked the Synology based on the expandability of RAM to 32 GB, the capability to use cache drives, and storage growth over time. It also has a 4-core 2.2 Ghz Ryzen processor which was plenty based on their old servers CPU usage.

Basics of Setup

  1. Assembled parts
  2. Installed Synology OS
  3. Setup HDDs in Synology SHR2 RAID
  4. Added M.2 drives as cache
  5. Installed the Virtual Machine Manager app
  6. Created a VM with the max CPU available and max Memory available
  7. Uploaded the ISO for the server OS
  8. Installed the server OS
  9. Setup the StoneEdge application
  10. Migrated data

This build did not increase performance dramatically, but it did allow them to spend about half the cost of a full server to accomplish the same purpose. It also reduced costs by using the Synology for backup of the server locally and into S3 storage in the cloud for redundancy.

If your company is looking to move their servers to a virtual environment or into the cloud, then contact us to start the process

Benefits of Wi-Fi 6e 

VoIP Telephone System - Grants Pass, OR

Wi-Fi technology is ingrained into our everyday lives WE COLLECTIVELY STREAM more movies and TV shows, play more online games, and make more video calls than ever before, and all this activity puts a serious strain on our Wi-Fi networks. Wi-Fi 6e has various features to improve the efficiency and data of your wireless network and reduce latency. the latest Wi-Fi 6e standards offers a range of benefits, including faster and more reliable access. So, what is Wi-Fi 6e and what are some of the benefits?

Wi-Fi 6e explained 

Existing technologies operate on two frequencies 2.4 GHz and 5GHz which have become more congested over time; Wi-Fi 6e adds access to a third frequency, 6GHz. now wireless devices can also use the 6GHz band. And the 6GHz band opens up the opportunity for higher transfer speeds. On top of that, currently there are about four 160 MHz-wide channels with normal Wi-Fi this 6GHz band brings with it seven 160 MHz-wide channels, More available channels mean more available spectrum for Wi-Fi service “and less overlap between networks in crowded areas like apartment complexes or offices,”. with less overlap and congestion you are able to connect more devices with the same efficiency expectation. Additionally there have been security improvements with Wi-Fi 6E that puts the burden on the router, rather than you, to secure connections between your devices. WPA3 is mandatory for all Wi-Fi 6 certified devices, which provides the latest security and authentication protocols. 

Summary of Benefits 

  • Faster, more reliable connection
  • Transmits data faster with less interference. 
  • You don’t have to compete with traffic from other devices or networks.
  • Security improvements making it more secure and harder to hack 
  • Accommodates more connected devices

If your company is looking to upgrade the wireless coverage in your office, whole building, or entire business complex, then contact us to evaluate your WiFi needs.

RMM Automation: Credential Manager Empty After Reboot

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for using Powershell to fix Credential Manager empty after reboot. There has been several users at a bunch of clients recently that have lost access to a network share due to saved passwords and we found Credential Manager empty after reboot. It was easy enough to re-add their password to Credential Manager, but it was not sticking around. This sounds like a job for automation, so we created a script to clear the errant Credential Manger files and create a new entry for the user to connect to file shares.

Variables

$user = username to add to Credential Manager of network share connection

$pass = password to add to same

Script Snippet

### Remove file folder associated with Credential Manager
Remove-Item -Path %localappdata%\Microsoft\Vault -Recurse

### Install Credential Manager Powershell Module
Import-Module -Name CredentialManager -Force

### Convert password to Secure String and create credential
$password = ConvertTo-SecureString -string $pass -AsPlainText -Force
$Credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $user, $password

# Save the credential object directly without unwrapping it:
New-StoredCredential -Credentials $Credential -Target 'Share Credentials' -Persist Enterprise -Comment "Share Credentials for $($Credential.UserName)" > $null

This script will need to be run in the context of the user who needs the credential created. Please use caution with this script as it will empty Credential Manager completely for the user context run with. Also it is advised to run a full CHKDSK /R on the root (C:\ usually) directory to make sure that nothing else is corrupt on the drive.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

RMM Automation: Create Office 365 User

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for using Powershell to create Office 365 User and add them to groups. We have several clients with high employee turn-over which makes it necessary to often create Office 365 user. We will detail how to find all the needed data to create the proper script for each client (yes it will take a different script for each client due to different group names for each client).

Research

You need to get two pieces of information – the license type used by the organization to create users and the names of the groups to add users to

To find out the license types used use this commands:

Connect-MsolService
Get-MsolAccountSku

To find out all the groups in the organization use this commands: 

Connect-ExchangeOnline
Get-UnifiedGroup | Format-Table Alias

Variables

$displayName = Full user name – usually First name & Last Name
$userPrincipleName = Email address for user
$adminuser = Email address for admin of Office 365 Tenant
$adminpass = Password for admin of Office 365 Tenant
$licenseType = Office 365 license type found in research above

There is also the need for variables for each group you will be adding users to (found in research above). For this example I will be using:


$CompanyShared = Company Shared Contacts
$CompanyTimeOff = Company Time Off Calendar
$BillingPayroll = Billing & Payroll Group Email

Script Snippet

###Use this command to be allowed to use DotNet assemblies
Add-Type -AssemblyName System.web

$displayName = "UserFirst UserLast"
$userPrincipleName = “User@Company.com”
$adminuser = "admin@Company.com"
$adminpass = '@dm1nP4ssw0rd'

$CompanyShared = "yes"
$CompanyTimeOff = "yes"
$BillingPayroll = "no"

###converts admin credentials to useable format for connections to Office 365
$adminpassword = ConvertTo-SecureString -string $adminpass -AsPlainText -Force
$admincred = new-object -typename System.Management.Automation.PSCredential -argumentlist $adminuser, $adminpassword

Connect-AzureAD -Credential $admincred
Connect-MsolService -Credential $admincred

$mailNickname = $userPrincipleName.Split("@")[0]

###To find User License Types use Get-MsolAccountSku
$licenseType = "companytenantID:SPB"

###Generates a random password length
$minPassLength = 8 ## characters
$maxPassLength = 15 ## characters
$passlength = Get-Random -Minimum $minPassLength -Maximum $maxPassLength

###Generates a random number of non-alpha characters in the password
$minNonAlphaChars = 1 ## characters
$maxNonAlphaChars = 5 ## characters
$nonAlphaChars = Get-Random -Minimum $minNonAlphaChars -Maximum $maxNonAlphaChars

###Creates the password, makes it useable by Azure, sets it up to not require password change, and creates account
$password = [System.Web.Security.Membership]::GeneratePassword($passlength, $nonAlphaChars)
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = "$password"
$PasswordProfile.ForceChangePasswordNextLogin = $false
Write-Host "Password is set to $password for $displayName"
$user = New-AzureADUSer -DisplayName $displayName -PasswordProfile $PasswordProfile -UserPrincipalName $userPrincipleName -mailNickname $mailNickname -AccountEnabled $true

###Waits 5 minutes for the user creation process in Office 365
Start-Sleep -Seconds 300

###Sets additional parameters for account that are needed like location, license type, and sets password to never expire
Get-MsolUser -UserPrincipalName $userPrincipleName | Set-MsolUser -UsageLocation US
Get-MsolUser -UserPrincipalName $userPrincipleName | Set-MsolUserLicense -AddLicenses $licenseType
Get-MsolUser –UserPrincipalName $userPrincipleName | Set-MsolUser –PasswordNeverExpires $True

###Adds new user to groups
if ($CompanyShared -eq "yes")
{ Add-MailboxPermission -Identity companyshared@premieror.com -User $userPrincipleName -AccessRights FullAccess -InheritanceType All}

if ($CompanyTimeOff -eq "yes")
{ Add-MailboxPermission -Identity companytimeoff@premieror.com -User $userPrincipleName -AccessRights FullAccess -InheritanceType All}

if ($BillingPayroll -eq "yes")
{ Add-MailboxPermission -Identity billing_payroll@premieror.com -User $userPrincipleName -AccessRights FullAccess -InheritanceType All}

This script requires that the admin account you use to setup the user have multifactor authentication turned off (I know not secure), so use a really long complex password. The script creates a random password for the new user and write it to output. The script will take several minutes to run due to the waiting for the account to finish setup before adding additional parameters and adding them to groups.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Restore OneDrive Files Deleted by Any Office 365 User

Here is how to restore OneDrive files deleted by any Office 365 user:

  • Login to Office 365 admin portal: https://admin.microsoft.com
  • Might need to click Show More to see the SharePoint Admin Center – click on that
  • Click on Active Sites
  • Click on Site Name
  • Click on the URL for the site in the side bar
  • Click on Recycle Bin
  • Select one or many files to restore and then click the Restore button at the top

It will then take several minutes for the files to repopulate into OneDrive on all computers, so be patient.

If your company is using OneDrive for Business and wants expert management, then contact us for assistance.

RMM Automation: Synology Resource Monitoring

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for Synology resource monitoring. We have developed best practices for alerting on a Synology device for resources like CPU, Memory, and Disk Usage. When these Synology resource monitoring alerts are consistently triggered it show that the device is over utilized or if they remain triggered for long periods of time then it shows there is an issue on the device itself. We also setup weekly Storage Reports to get an accurate view of the changes and growth going on with client storage.

Setup Notifications

Make sure that Notifications are setup on the Synology first

  1. Open Control Panel
  2. Click on Notifications
    • Check enable email notifications
    • Choose Service Provider
    • Login to Gmail or use Custom SMTP server for Office 365 as the sender
    • Change Subject to indicate name of device
    • Add recipient email (Best to use one that ties into a PSA or RMM)
    • Click Apply
    • Send a Test Email

Setup Synology Resource Monitoring

  1. Open Resource Monitor app
    1. Click on Performance Alarm to the left
    2. Click on Rules tab
    3. Click Create
    4. Create the following Rules one by one
      1. Volume Critical
        1.  Select which volume [create multiple rules if more than one volume]
        2. Select Disk I/O utilization
        3. Greater than 90%
        4. Level Critical
      2. Volume Warning
        1.  Select which volume [create multiple rules if more than one volume]
        2. Select Disk I/O utilization
        3. Greater than 75%
        4. Level Warning
      3. System Memory Critical
        1. Memory Usage
        2. Greater than 90%
        3. Level Critical
      4. System Memory Warning
        1. Memory Usage
        2. Greater than 75%
        3. Level Warning
      5. System CPU Critical
        1. CPU Usage
        2. Greater than 90%
        3. Level Critical
      6. System CPU Warning
        1. CPU Usage
        2. Greater than 75%
        3. Level Warning
    5. Click Settings and check box to Enable usage history then click Save

Setup Storage Reports

  1. Open Storage Analyzer
    1. Select new location
    2. Create new shared folder named Log Files – hide from network
    3. Go back to Storage Analyzer and select new folder
    4. Set volume usage data to be collected Daily at 2am 
    5. Create report task
      1. Send to email (Best to use one that ties into a PSA)
      2. Generate reports at Monday 4am
      3. Keep 60 reports then click Next
      4. Select report items
        1. Volume Usage
        2. Shared Folders
        3. Potential Duplicate Files
        4. Large Files
        5. Least Recently Modified Files then click Next
      5. Analyze all folders then click Next
      6. Leave duplicate file defaults then click Next
      7. Click Done
    6. Close App

Once this is setup you will start getting email alerts sent to you or better yet your PSA / RMM for ticket creation and review.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Zero Trust – Application Whitelisting

This is the eighth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on Application Whitelisting. 

Application Whitelisting

Application Whitelisting is a process of determining which software programs the company absolutely needs to do business, marking them as safe, and blocking any other program that tries to run on company computers. This methodology has the distinct advantage of blocking almost all forms of malware on computers. Pairing this with a good next-gen antivirus creates an impenetrable wall against malware threats. It also prevents users from accidentally or intentionally running something that should not be on company computers. Here are some questions to ask:

  • Do you know all software on your computers?
  • Do your users spend time on company computers listening to music?
  • Have any of your users ever downloaded software without asking?
  • Do you have a computer use policy? How is that enforced?

If your company is wanting to lock down what is running on company computers, then contact us for assistance.

A Most Reviewed Global Productivity & Collaboration Consultant

At Farmhouse Networking, we provide professional support for small to medium business networks. Our mission is to bring grass-roots IT support to local and national businesses. We analyze the processes that make business happen, then help you develop long-term plans to ensure that your IT system fosters the growth your business requires to blossom.

For this reason, we proudly share a milestone for Farmhouse Networking. The Manifest has recognized us as a leading and most reviewed global productivity and collaboration company. The Manifest is a business blog and reviews platform aiming to link buyers with vendors that can help them with their ongoing or upcoming projects.

Since our establishment in 2015, we have worked with trusted hardware and software vendors to add the essential elements which provide a nourishing medium to make your business flourish. Since our founding, we have developed the breadth and depth of knowledge required to manage business-class networks properly.

Chief Aircraft Inc, an online aircraft parts retailer, engaged in an ongoing collaboration with us in 2016 for managed IT services. The project started when the client was transitioning, and we stepped in to help modernize their systems and set up a solution to back up and monitor their network properly.

“In upgrading our network and data backups Scott has managed to lower the cost to us on a long-term basis and make everything easier to access as well as more secure.” – Josh Confer, Webmaster, Chief Aircraft Inc

The whole team at Farmhouse Networking would like to use this opportunity to communicate how much we value all our clients and partners. The feedback they’ve written means so much to us and will help us cement our name in the industry. If you need a caring expert to tend to your computers and network while you do business, get in touch with us. Our organic IT support is only a phone call away

Farmhouse Networking’s UpCity Best of Oregon Award!

Farmhouse Networking has been working to establish our reputation and grow our business to serve others in the surrounding areas. God has continued to be gracious to provide that growth and it is being recognized. 

“Every year, UpCity’s Best of Awards honor our B2B service providers’ tremendous work within rotating focus areas. Winners are selected using a variety of online credibility ranking factors which remain consistent regardless of the year’s focus area. In 2022, we celebrate the best providers at the local level for each U.S. state and Canadian province.”

Thank you to all our clients for making this possible as we continue to serve your IT needs. 

Zero Trust – Software Patching

This is the seventh in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on software patching. 

Software Patching

Software patching is a neccesity because no person who writes code is perfect and hackers are actively looking for these mistakes. The hackers find the mistakes and then develop ways of using these to exploit the software, computer, or whatever else they can gain access to. The only way to combat both the mistakes and the exploits is to discover them before the hackers do and patch the hole in the software. This patch can however lead to unforseen consequences to the software, so a plan for testing and deployment of patches is needed to avoid unexpected downtime to businesses.Here are some questions to ask:

  • Do you know all of the hardware and software on your network?
  • Do you check for hardware, operating system, and other software regularly?
  • How do you check for updates, patches, or upgrades to software?
  • How do you install these patches? Is it automated?
  • Are these patches tested before installation?
  • What happens if a patch causes problems?
  • Do you have a log of all installed updates?
  • Are any systems or software on your network no longer supported for updates?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Archives

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

[contact-form-7 id="452" title="Free Network Evaluation"]